-
Recent Posts
- Build nwjs12 for windows
- Deobfuscate Javascript using PhantomJS (Headless browser)
- Angler Exploit kit breaks Referer chain using HTTPS to HTTP redirection
- Instrument Microsoft Office applications to defeat macro obfuscations
- Dealing with pcaps in windows using Fiddler/FiddlerCore
- Extend Sulo to find the CVE of Flash exploits
- Understanding CVE-2015-0310 Flash vulnerability
- Build and use PCRE in windows
Top Clicks
- None
May 2024 S M T W T F S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 -
Join 54 other subscribers
Category Archives: SDLC
Microsoft Attack Surface Analyzer Command line option
Microsoft Attack Surface Analyzer is a nice tool to analyze the modifications made by a product. Many a times we may need to automate this. Microsoft provided command line options to automate this. Usage: Attack Surface Analyzer.exe [arguments] /Baseline <file> … Continue reading
SCALMS–Source Code Auditors Log Management System
In my auditing job, I used to face lot of issues when we work as a team. Problems we face are,1) Work on multiple projects/products at a time.2) When you work as a team, how do you assign an … Continue reading
C++ Code Audit Diary 1: STL implementation difference
STL supports value semantics. There is no support for the reference semantics in C++ STL. Even then few STL function template supports pass-by-reference. There is a difference between this supports in MSVC and GCC. I take an example from the … Continue reading
Posted in C/C++, Code review experiance, SDLC, Windows VC++
Tagged C++ Code Audit, STL Implementation difference
Leave a comment
Build An AppSec Training Program for Development Teams–Veracode
Recently Veracode arranged for a presentation related to AppSec Training. It is a good materials to listen. You can learn lot of lessons on how to “push” a AppSec training. Good Presentation. Those who work in SDLC process implementation should … Continue reading